Taking each product in isolation, it's obviously bad from a consumer perspective if people are buying products that could compromise the security of their network. That's especially true if the product is supposed to improve security. Less parochially, these recent attacks show that the consequences could be greater than the security of your own network: if these things are easily hacked over the Internet, then they could become a part of a greater evil, a botnet.

At a recent customer event we were asked a reasonable question: "how do I know if some thing I've bought has been compromised?" There's no obvious answer. Your ISP may get in touch if you're suddenly using a lot of bandwidth. You could check the logs on your router. Or you might never know. Turn it off?

So here's the sales pitch: if you've a product that you're thinking of using, giving to your customers, buying, or selling, we can have a look at it for you. Our product security evaluations are pragmatic and relatively short. We're not always going to find every issue, but we'll approach it like an attacker would and find as much as we can in the time allowed.